fix: IaC Azure requires 'temporary_name_for_rotation' during update (#502)

dhoucgitter · web-flow · commit 7130e8307061 · 2025-05-16T17:08:40.000-04:00
Signed-off-by: David.Houck &lt;David.Houck@sas.com&gt;
diff --git a/modules/aks_node_pool/main.tf b/modules/aks_node_pool/main.tf
@@ -28,14 +28,18 @@ resource "azurerm_kubernetes_cluster_node_pool" "autoscale_node_pool" {
   priority                     = var.community_priority
   eviction_policy              = var.community_eviction_policy
   spot_max_price               = var.community_spot_max_price
+  temporary_name_for_rotation  = substr("t${var.node_pool_name}", 0, 12)
 
   lifecycle {
     ignore_changes = [node_count]
   }
 
-  linux_os_config {
-    sysctl_config {
-      vm_max_map_count = try(var.linux_os_config.sysctl_config.vm_max_map_count,null)
+  dynamic "linux_os_config" {
+    for_each = var.linux_os_config[*]
+    content {
+      sysctl_config {
+        vm_max_map_count = var.linux_os_config.sysctl_config.vm_max_map_count
+      }
     }
   }
 }
@@ -64,9 +68,14 @@ resource "azurerm_kubernetes_cluster_node_pool" "static_node_pool" {
   priority                     = var.community_priority
   eviction_policy              = var.community_eviction_policy
   spot_max_price               = var.community_spot_max_price
-  linux_os_config {
-    sysctl_config {
-      vm_max_map_count = try(var.linux_os_config.sysctl_config.vm_max_map_count,null)
+  temporary_name_for_rotation  = substr("t${var.node_pool_name}", 0, 12)
+
+  dynamic "linux_os_config" {
+    for_each = var.linux_os_config[*]
+    content {
+      sysctl_config {
+        vm_max_map_count = var.linux_os_config.sysctl_config.vm_max_map_count
+      }
     }
   }
 }
diff --git a/modules/azurerm_vm/main.tf b/modules/azurerm_vm/main.tf
@@ -107,5 +107,9 @@ resource "azurerm_linux_virtual_machine" "vm" {
 
   tags = var.tags
 
+  lifecycle {
+    ignore_changes = [ identity ]
+  }
+
   depends_on = [azurerm_network_interface_security_group_association.vm_nic_sg]
 }

Original file line number	Diff line number	Diff line change
`@@ -28,14 +28,18 @@ resource "azurerm_kubernetes_cluster_node_pool" "autoscale_node_pool" {`
`28`	`28`	`priority = var.community_priority`
`29`	`29`	`eviction_policy = var.community_eviction_policy`
`30`	`30`	`spot_max_price = var.community_spot_max_price`
	`31`	`+ temporary_name_for_rotation = substr("t${var.node_pool_name}", 0, 12)`
`31`	`32`
`32`	`33`	`lifecycle {`
`33`	`34`	`ignore_changes = [node_count]`
`34`	`35`	`}`
`35`	`36`
`36`		`- linux_os_config {`
`37`		`- sysctl_config {`
`38`		`- vm_max_map_count = try(var.linux_os_config.sysctl_config.vm_max_map_count,null)`
	`37`	`+ dynamic "linux_os_config" {`
	`38`	`+ for_each = var.linux_os_config[*]`
	`39`	`+ content {`
	`40`	`+ sysctl_config {`
	`41`	`+ vm_max_map_count = var.linux_os_config.sysctl_config.vm_max_map_count`
	`42`	`+ }`
`39`	`43`	`}`
`40`	`44`	`}`
`41`	`45`	`}`
`@@ -64,9 +68,14 @@ resource "azurerm_kubernetes_cluster_node_pool" "static_node_pool" {`
`64`	`68`	`priority = var.community_priority`
`65`	`69`	`eviction_policy = var.community_eviction_policy`
`66`	`70`	`spot_max_price = var.community_spot_max_price`
`67`		`- linux_os_config {`
`68`		`- sysctl_config {`
`69`		`- vm_max_map_count = try(var.linux_os_config.sysctl_config.vm_max_map_count,null)`
	`71`	`+ temporary_name_for_rotation = substr("t${var.node_pool_name}", 0, 12)`
	`72`	`+`
	`73`	`+ dynamic "linux_os_config" {`
	`74`	`+ for_each = var.linux_os_config[*]`
	`75`	`+ content {`
	`76`	`+ sysctl_config {`
	`77`	`+ vm_max_map_count = var.linux_os_config.sysctl_config.vm_max_map_count`
	`78`	`+ }`
`70`	`79`	`}`
`71`	`80`	`}`
`72`	`81`	`}`
Original file line number	Diff line number	Diff line change
`@@ -107,5 +107,9 @@ resource "azurerm_linux_virtual_machine" "vm" {`
`107`	`107`
`108`	`108`	`tags = var.tags`
`109`	`109`
	`110`	`+ lifecycle {`
	`111`	`+ ignore_changes = [ identity ]`
	`112`	`+ }`
	`113`	`+`
`110`	`114`	`depends_on = [azurerm_network_interface_security_group_association.vm_nic_sg]`
`111`	`115`	`}`